After adding an interface on my laptop to join my admin network, I'm now facing another DNS resolution problem.
When I try to resolve an address on admin.lan, I get the following error (192.168.1.x -> 192.168.51.x and 192.168.3.x -> 192.168.33.x):
$ nslookup linksys.admin.lan
Server: 192.168.51.254
Address: 192.168.51.254#53
** server can't find linksys.admin.lan: NXDOMAIN
root@linksys$ logread -f
...
Tue Mar 31 15:18:08 2020 daemon.info dnsmasq[5114]: 1 192.168.51.10/52811 query[A] linksys.admin.lan from 192.168.51.10
Tue Mar 31 15:18:08 2020 daemon.info dnsmasq[5114]: 1 192.168.51.10/52811 forwarded linksys.admin.lan to 127.0.0.1
Tue Mar 31 15:18:08 2020 daemon.info dnsmasq[5114]: 1 192.168.51.10/52811 reply linksys.admin.lan is NXDOMAIN
...
even if the resolv.conf seems ok:
# Generated by NetworkManager
search mydomain.lan admin.lan
nameserver 192.168.51.254
nameserver 192.168.33.254
I thought it was going to go to the second one, but I guess not.
But if I try with the admin DNS IP, it works:
$ nslookup linksys.admin.lan 192.168.33.254
Server: 192.168.33.254
Address: 192.168.33.254#53
Name: linksys.admin.lan
Address: 192.168.33.254
To try to debug, I created a VirtualBox lab and here are the things I tested:
- trying several combinations of parameters: boguspriv, cachelocal, domainneeded, expandhosts, filterwin2k, local, localise_queries, localservice, nohosts, nonegcache, noresolv, resolvfile...
doesn't work
doesn't work
- trying to modify /etc/resolv.conf, /tmp/resolv.conf or /tmp/resolv.conf.auto:
doesn't work
- the above solution works, but request is sent over the mydomain DNS, not the admin one:
root@OpenWrt:~# cat /etc/config/dhcp
...
list server '/admin/192.168.33.254'
list rebind_domain 'admin'
...
root@OpenWrt:~# logread -f
...
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 5 192.168.51.10/50593 query[A] debian-admin.admin from 192.168.51.10
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 5 192.168.51.10/50593 forwarded debian-admin.admin to 192.168.33.254
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12366]: 5 192.168.33.254/11639 query[A] debian-admin.admin from 192.168.33.254
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12366]: 5 192.168.33.254/11639 DHCP debian-admin.admin is 192.168.33.10
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 5 192.168.51.10/50593 reply debian-admin.admin is 192.168.33.10
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 6 192.168.51.10/53975 query[AAAA] debian-admin.admin from 192.168.51.10
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 6 192.168.51.10/53975 forwarded debian-admin.admin to 192.168.33.254
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12366]: 6 192.168.33.254/27208 query[AAAA] debian-admin.admin from 192.168.33.254
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12366]: 6 192.168.33.254/27208 config debian-admin.admin is NODATA-IPv6
...
works
- this solution works too, but it also goes through the mydomain DNS:
root@OpenWrt:~# cat /etc/config/dhcp
...
list address '/admin/192.168.33.254'
...
root@OpenWrt:~# logread -f
...
Tue Mar 31 11:09:22 2020 daemon.info dnsmasq[12956]: 1 192.168.51.10/45171 query[A] debian-admin.admin from 192.168.51.10
Tue Mar 31 11:09:22 2020 daemon.info dnsmasq[12956]: 1 192.168.51.10/45171 config debian-admin.admin is 192.168.64.254
Tue Mar 31 11:09:22 2020 daemon.info dnsmasq[12956]: 2 192.168.51.10/38334 query[AAAA] debian-admin.admin from 192.168.51.10
Tue Mar 31 11:09:22 2020 daemon.info dnsmasq[12956]: 2 192.168.51.10/38334 config debian-admin.admin is NODATA-IPv6
...
works
- Modifying /etc/hosts with the relevant option works too, but as previously, the request is sent over the mydomain interface, and this requires maintaining the /etc/hosts file, which I'd like to avoid.
works
So here are my (many...) questions:
- How can I tell my PC to ask the second DNS? I tried with the option authoritative '0' but it doesn't work...
- What are the differences between 4 and 5?
- Do I need dnsmasq to listen to loopback? If so, which instance is supposed to listen?
- What is the purpose of /tmp/hosts/dhcp.*? Why is there only one entry?
- What are the differences between /tmp/resolv.conf, /tmp/resolv.conf.auto and those defined with resolvfile? Who uses whom?
- Which instance uses /etc/dnsmasq.conf? Are there any relevant configuration options there?
- Why is the router unable to resolve its own address?
root@OpenWrt:~# cat /tmp/resolv.conf
# Interface wan
nameserver 8.8.8.8
root@OpenWrt:~# nslookup OpenWRT.lan 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find OpenWRT.lan: NXDOMAIN
** server can't find OpenWRT.lan: NXDOMAIN
root@OpenWrt:~# nslookup OpenWRT.admin 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
*** Can't find OpenWRT.admin: No answer
Name: OpenWRT.admin
root@OpenWrt:~# nslookup OpenWRT.lan 192.168.51.254
Server: 192.168.51.254
Address: 192.168.51.254#53
** server can't find OpenWRT.lan: NXDOMAIN
** server can't find OpenWRT.lan: NXDOMAIN
root@OpenWrt:~# nslookup OpenWRT.admin 192.168.33.254
Server: 192.168.33.254
Address: 192.168.33.254#53
** server can't find OpenWRT.admin: NXDOMAIN
** server can't find OpenWRT.admin: NXDOMAIN
- I noticed this when I set the wan DNS to loopback:
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 92 192.168.51.254/51901 query[PTR] 254.51.168.192.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 92 192.168.51.254/51901 /tmp/hosts/dhcp.lan_dns 192.168.51.254 is OpenWrt
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 93 192.168.51.254/51901 query[PTR] 2.56.168.192.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 93 192.168.51.254/51901 config 192.168.56.2 is NXDOMAIN
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 94 192.168.51.254/51901 query[PTR] 10.51.168.192.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 94 192.168.51.254/51901 config 192.168.51.10 is NXDOMAIN
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 95 192.168.51.254/51901 query[PTR] 10.33.168.192.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 95 192.168.51.254/51901 config 192.168.33.10 is NXDOMAIN
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 96 192.168.51.254/51901 query[PTR] 15.3.0.10.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 96 192.168.51.254/51901 config 10.0.3.15 is NXDOMAIN
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 97 192.168.51.254/51901 query[PTR] 254.33.168.192.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 97 192.168.51.254/51901 /tmp/hosts/dhcp.test_dns 192.168.33.254 is OpenWrt
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 98 192.168.51.254/51901 query[PTR] 1.56.168.192.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 98 192.168.51.254/51901 config 192.168.56.1 is NXDOMAIN
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 99 192.168.51.254/51901 query[PTR] 2.3.0.10.in-addr.arpa from 192.168.51.254
Tue Mar 31 13:55:28 2020 daemon.info dnsmasq[2072]: 99 192.168.51.254/51901 config 10.0.3.2 is NXDOMAIN
Who sends these requests? Why are they being sent continuously? How can I stop them? Why, for example, is 192.168.51.10 NXDOMAIN while it is defined in /etc/config/dhcp?
I tried to be as exhaustive as possible but do not hesitate if you have any questions about my configuration.
I know there are many questions, but I am really trying to understand the various implications, as there are many places/options to set.
All I'm trying to do is to be able to resolve queries to the respective DNS, that the router is also capable of resolving all of them, and that requests sent continuously cease.
I'd be very grateful to anyone who can help me...
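Added example, not part of the original post: a Python script that groups dnsmasq query-log lines like the ones quoted above by instance (PID) and query serial, so each query shows which upstream it was forwarded to and where the answer came from, and that flags forwards to a loopback address. The sample lines are copied from the logs in the post; the function names `trace` and `loopback_forwards` are illustrative.

```python
import ipaddress
import re

# Sample lines copied from the logs quoted in the post above.
SAMPLE = """\
Tue Mar 31 15:18:08 2020 daemon.info dnsmasq[5114]: 1 192.168.51.10/52811 query[A] linksys.admin.lan from 192.168.51.10
Tue Mar 31 15:18:08 2020 daemon.info dnsmasq[5114]: 1 192.168.51.10/52811 forwarded linksys.admin.lan to 127.0.0.1
Tue Mar 31 15:18:08 2020 daemon.info dnsmasq[5114]: 1 192.168.51.10/52811 reply linksys.admin.lan is NXDOMAIN
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 5 192.168.51.10/50593 query[A] debian-admin.admin from 192.168.51.10
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 5 192.168.51.10/50593 forwarded debian-admin.admin to 192.168.33.254
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12366]: 5 192.168.33.254/11639 query[A] debian-admin.admin from 192.168.33.254
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12366]: 5 192.168.33.254/11639 DHCP debian-admin.admin is 192.168.33.10
Tue Mar 31 11:08:15 2020 daemon.info dnsmasq[12365]: 5 192.168.51.10/50593 reply debian-admin.admin is 192.168.33.10
""".splitlines()

LINE = re.compile(
    r"dnsmasq\[(?P<pid>\d+)\]: (?P<serial>\d+) (?P<client>[^/\s]+)/\d+ "
    r"(?P<action>\S+) (?P<name>\S+) (?:from|to|is) (?P<value>\S+)"
)

def trace(lines):
    """Return one record per (pid, serial): who asked, where it went, what came back."""
    queries = {}
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue  # "..." separators and non-query lines
        rec = queries.setdefault((int(m["pid"]), int(m["serial"])), {
            "client": m["client"], "name": None, "qtype": None,
            "forwarded_to": [], "source": None, "answer": None})
        action = m["action"]
        if action.startswith("query["):
            rec["name"], rec["qtype"] = m["name"], action[6:-1]
        elif action == "forwarded":
            rec["forwarded_to"].append(m["value"])
        else:  # reply, config, DHCP or a hosts-file path: where the answer came from
            rec["source"], rec["answer"] = action, m["value"]
    return queries

def loopback_forwards(queries):
    """Names that an instance forwarded to a loopback address (a listener on the same host)."""
    return sorted({rec["name"] for rec in queries.values()
                   if any(ipaddress.ip_address(up).is_loopback for up in rec["forwarded_to"])})

if __name__ == "__main__":
    for (pid, serial), rec in trace(SAMPLE).items():
        path = " -> ".join(rec["forwarded_to"]) or "answered locally"
        print(f"dnsmasq[{pid}] #{serial} {rec['qtype']} {rec['name']}: {path}; {rec['source']} = {rec['answer']}")
    print("forwarded to loopback:", loopback_forwards(trace(SAMPLE)))
```

Feeding it the output of `logread` makes the hop from one dnsmasq instance to the other visible per query, which is hard to see in the interleaved raw log.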